In message <0BD7B951-93F7-4620-A098-987EF53E2CA3@bblfish.net>, Henry Story writ
es:
>You mean the server may not be allowed to use crypto for encryption. I
>seriously doubt a server may not be allowed to use crypto for integrity and
>identity. TLS allows crypto to be used for integrity and identity without
>confidentiality.
>User interfaces do need to be improved to make this visible, but it is
>available.
You seem to forget that certain services are based on plausible deniability.
Adding integrity proving metadata would not work for them.
But at the bottom of this argument is a much more fundamental question
which you still have not answered:
You and which army is going to make people switch from HTTP/1.1 to
HTTP/2.0 if they don't think it is an improvement ?
Remember that HTTP/2.0 is an offer we can make, not a law we can enforce.
See also: OSI protocols, IPv6 etc.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.